Documentation
Index ¶
- Constants
- Variables
- func CrawlUrls(u string, added map[string]bool, excluded map[string]bool) []string
- func DOS() reportResult
- func ForwardHeadersTemplate(repResult *reportResult, headers []string, values []string, identifier string, ...)
- func GenerateHeaderString() string
- func GenerateReport(report Report, filePath string)
- func InitClient()
- func ParseFlags(vers string)
- func Print(msg string, c int)
- func PrintFatal(msg string)
- func PrintLog(msg string)
- func PrintNewLine()
- func PrintVerbose(msg string, c int, threshold int)
- func RandomString(length int) string
- func ReadLocalFile(path string, name string) []string
- func ScanCSS() reportResult
- func ScanCookies() reportResult
- func ScanFatGET() reportResult
- func ScanForwardingHeaders() reportResult
- func ScanHTTPRequestSmuggling(proxyURL *url.URL) reportResult
- func ScanHeaders(headerList []string) reportResult
- func ScanParameterCloaking() reportResult
- func ScanParameterEncoding() reportResult
- func ScanParameterPollution() reportResult
- func ScanParameters(parameterList []string) reportResult
- func TestWebCacheDeception() reportResult
- type CacheStruct
- type ConfigStruct
- type FlagStruct
- type Report
- type ReportWebsite
- type WebsiteStruct
Constants ¶
// Marker header name and value. The identifiers suggest they serve as a
// recognisable marker in the response-splitting check; confirm against the
// scan code.
const (
	RESP_SPLIT_HEADER = "Web_Cache"
	RESP_SPLIT_VALUE  = "Vulnerability_Scanner"
)

// Duplicate-header modes, numbered 0 to 2. Presumably they select whether a
// duplicate of a header is sent and, if so, whether it comes before or after
// the original; confirm against the callers.
const (
	NO_DUPE_HEADER = iota
	DUPE_HEADER_BEFORE
	DUPE_HEADER_AFTER
)
// NOOGPARAM is the literal "NoOGParameter".
// NOTE(review): presumably a sentinel meaning "no original parameter"; confirm against the callers.
const NOOGPARAM = "NoOGParameter"
Variables ¶
// Colour codes, numbered 0 to 4.
// NOTE(review): presumably these are the values accepted by the c argument of
// Print and PrintVerbose; confirm. They are declared as variables, not
// constants, so any importing code can reassign them.
var (
	NoColor = 0
	Red     = 1
	Yellow  = 2
	Green   = 3
	Cyan    = 4
)
var ( DefaultHeaders = []string{}/* 2921 elements not displayed */ DefaultParameters = []string{}/* 6454 elements not displayed */ )
Functions ¶
func ForwardHeadersTemplate ¶
func GenerateHeaderString ¶
func GenerateHeaderString() string
func GenerateReport ¶
func InitClient ¶
func InitClient()
func ParseFlags ¶
func ParseFlags(vers string)
func PrintFatal ¶
func PrintFatal(msg string)
func PrintNewLine ¶
func PrintNewLine()
func PrintVerbose ¶
func RandomString ¶
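RandomString generates a random string of the specified length. The documentation does not say which random source backs it, so check the implementation before relying on the output for secrets or tokens.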
func ReadLocalFile ¶
func ScanForwardingHeaders ¶
func ScanForwardingHeaders() reportResult
func ScanParameterPollution ¶
func ScanParameterPollution() reportResult
ScanParameterPollution checks for parameter pollution.
func ScanParameters ¶
func ScanParameters(parameterList []string) reportResult
ScanParameters scans query parameters for cache poisoning.
func TestWebCacheDeception ¶
func TestWebCacheDeception() reportResult
Types ¶
type CacheStruct ¶
// CacheStruct records what was learned about a target's cache. CheckCache
// returns one and WebsiteStruct stores one in its Cache field. The CB prefix
// abbreviates "cachebuster": ReportWebsite encodes its own CBwasFound and
// CBName fields as "cacheBusterFound" and "cacheBuster".
//
// NOTE(review): a cachebuster is what keeps a scanner's probe responses out of
// the cache entries that other clients receive, so callers should look at
// CBwasFound before sending further probes. Confirm how the scan functions
// use it.
type CacheStruct struct {
	CBwasFound     bool   // a cachebuster was found
	CBisParameter  bool   // presumably: the cachebuster is a query parameter (confirm)
	CBisHeader     bool   // presumably: the cachebuster is a request header (confirm)
	CBisCookie     bool   // presumably: the cachebuster is a cookie (confirm)
	CBisHTTPMethod bool   // presumably: the cachebuster is the HTTP method (confirm)
	CBName         string // name of the cachebuster
	NoCache        bool   // NOTE(review): meaning not visible here; the name suggests no cache was detected (confirm)
	Indicator      string // presumably the response header used to tell cache hits from misses (confirm)
	TimeIndicator  bool   // presumably: response time serves as the hit/miss indicator (confirm)
}
func CheckCache ¶
func CheckCache(parameterList []string, headerList []string) (CacheStruct, bool, []error)
CheckCache checks whether the parameter "cb" (or another name set with the flag -cb), one of the headers "accept-encoding", "accept", "cookie" or "origin", or any cookie can be used as a cachebuster.
type ConfigStruct ¶
// ConfigStruct holds the scanner's run configuration. The package exposes one
// value of this type as the variable Config, and ReadConfigFile returns one.
//
// NOTE(review): Cookies, Headers, Body and ProxyURL carry no `json:"-"` tag,
// and Report embeds a *ConfigStruct under the "config" key. A report that
// includes the config can therefore contain session cookies, authorization
// headers or proxy credentials that were supplied for the scan; handle such
// files as secrets. Only Limiter and Website are excluded from JSON encoding.
type ConfigStruct struct {
	// Concurrency, rate and output verbosity.
	Threads   int
	ReqRate   float64 // presumably the request rate enforced through Limiter (confirm)
	Verbosity int

	// Request shaping and detection options.
	DoPost                  bool
	ContentType             string
	QuerySeparator          string
	CacheBuster             string // presumably the cachebuster parameter name, "cb" unless changed with -cb (confirm)
	TimeOut                 int    // unit not visible here
	DeclineCookies          bool
	Force                   bool // NOTE(review): presumably continues a scan after a safety check such as cachebuster detection fails (confirm before enabling)
	UseHTTP                 bool // presumably selects plain HTTP instead of HTTPS (confirm)
	ReasonTypes             string
	CLDiff                  int
	HMDiff                  int
	SkipTimebased           bool
	SkipWordlistCachebuster bool
	CacheHeader             string
	DisableColor            bool
	DisableStatusLine       bool
	IgnoreStatus            []int

	// Rec* fields: presumably the crawling options behind CrawlUrls (confirm).
	Recursivity int
	RecInclude  string
	RecExclude  []string
	RecDomains  []string
	RecLimit    int

	// Targets and request material supplied by the operator. Cookies, Headers
	// and Body may hold credentials; see the note on the type.
	Urls       []string
	Cookies    []string
	Headers    []string
	Parameters []string
	Body       string

	// Test selection.
	OnlyTest string
	SkipTest string

	// Report and log generation.
	GeneratePath      string
	GenerateReport    bool
	EscapeJSON        bool
	GenerateCompleted bool
	GenerateLog       bool

	// Proxy settings. ProxyURL is a plain string and may embed credentials.
	UseProxy bool
	ProxyURL string

	// Wordlist locations.
	HeaderWordlist    string
	ParameterWordlist string

	Intitialized bool // sic: the exported name is spelled this way, so it cannot be corrected without breaking callers

	// Runtime state, excluded from JSON encoding by the "-" tag.
	Limiter *rate.Limiter `json:"-"`
	Website WebsiteStruct `json:"-"`
}
// Config is the package-level configuration value, an exported variable of
// type ConfigStruct.
var Config ConfigStruct
func ReadConfigFile ¶
func ReadConfigFile() ConfigStruct
type FlagStruct ¶
type Report ¶
// Report is the top-level document of a scan report, passed to GenerateReport
// together with a file path. Every field except Settings is JSON-encoded
// under the key given in its tag.
//
// NOTE(review): Config points at a ConfigStruct whose Cookies, Headers, Body
// and ProxyURL fields are not excluded from JSON encoding, and Command
// presumably records the invoking command line. A written report may
// therefore contain credentials used for the scan; store and share it
// accordingly.
type Report struct {
	Settings      reportSettings  `json:"-"` // never encoded
	Name          string          `json:"name"`
	Version       string          `json:"version"`
	Vulnerable    bool            `json:"foundVulnerabilities"`
	HasError      bool            `json:"hasError"`
	ErrorMessages []string        `json:"errorMessages"`
	Date          string          `json:"date"`
	Duration      string          `json:"duration"`
	Command       string          `json:"command"`          // presumably the command line that started the scan (confirm)
	Config        *ConfigStruct   `json:"config,omitempty"` // left out of the JSON only when nil
	Websites      []ReportWebsite `json:"websites"`         // one entry per scanned website
}
type ReportWebsite ¶
// ReportWebsite is the per-website section of a Report (the elements of
// Report.Websites). Each field is JSON-encoded under the key in its tag.
type ReportWebsite struct {
	URL            string         `json:"url"`
	Vulnerable     bool           `json:"isVulnerable"`
	HasError       bool           `json:"hasError"`
	CacheIndicator string         `json:"cacheIndicator"`   // presumably mirrors CacheStruct.Indicator (confirm)
	CBwasFound     bool           `json:"cacheBusterFound"` // whether a cachebuster was found for this website
	CBName         string         `json:"cacheBuster"`      // name of that cachebuster
	ErrorMessages  []string       `json:"errorMessages"`
	Results        []reportResult `json:"results"` // presumably one reportResult per executed scan function (confirm)
}
type WebsiteStruct ¶
// WebsiteStruct describes a fetched target. GetWebsite returns one, and
// ConfigStruct keeps one in its Website field (excluded from JSON encoding).
//
// NOTE(review): Headers, Body and Cookies presumably come from the target's
// response and are therefore untrusted input; confirm, and escape them before
// writing them to a terminal, log or report.
type WebsiteStruct struct {
	Headers      map[string][]string // header name to values
	Body         string
	Cookies      map[string]string // presumably cookie name to value (confirm)
	Url          *url.URL
	UrlWOQueries string            // presumably Url without its query string (confirm)
	Queries      map[string]string // presumably query parameter name to value (confirm)
	StatusCode   int
	Cache        CacheStruct // cache findings for this website
	Domain       string
}
func GetWebsite ¶
func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStruct, error)
GetWebsite sends a simple GET request to fetch the body and the cookies of a normal response.